KingNFT
medium
Calculation of 'rebate' parameter of 'UpdateReferral' event is not correct.
Overview of related source code and audit
event UpdateReferral(
address referrer,
bool isReferralValid,
uint256 totalFee,
uint256 referrerFee,
uint256 rebate,
string referralCode
);
function _processReferralRebate(
address user,
uint256 totalFee,
uint256 amount,
string calldata referralCode,
bool isAbove,
bool isReferralValid
) internal returns (uint256 referrerFee) {
address referrer = referral.codeOwner(referralCode);
if (referrer != user && referrer != address(0)) {
referrerFee = ((totalFee *
referral.referrerTierDiscount(
referral.referrerTier(referrer)
)) / (1e4 * 1e3));
if (referrerFee > 0) {
tokenX.transfer(referrer, referrerFee);
(uint256 formerUnitFee, , ) = _fees(
10**decimals(),
_getbaseSettlementFeePercentage(isAbove)
);
emit UpdateReferral(
referrer,
isReferralValid,
totalFee,
referrerFee,
((formerUnitFee * amount) - totalFee), // @audit should be ((formerUnitFee * amount / 10**decimals()) - totalFee)
referralCode
);
}
}
}
The correct fomula is
rebate = ((formerUnitFee * amount / 10**decimals()) - totalFee)
dAPPs working based on the event would not work.
Manual Review
Replace with the correct fomula